1 minute read

A good mix of content this week on architecture, container build tools, incident management and AWS Lambda this week.

StackHawk sponsors Devops Weekly

Adding security testing to the development lifecycle means deploying to production the right way the first time. Watch a StackHawk demo to see how you can use automated testing to avoid roadmap disruptions and slowdowns.
https://sthwk.com/watch-a-demo

News

A detailed post looking at applying Domain Driven Design principles to a real-world Serverless architecture.
https://leejamesgilmore.medium.com/serverless-domain-driven-design-6da44e151cfa

Containers as more of an implementation detail is definitely how I think things should work in many cases, so it’s nice to see first-class support for building and publishing container images for .NET applications in the .NET SDK.
https://devblogs.microsoft.com/dotnet/announcing-builtin-container-support-for-the-dotnet-sdk/

An introduction to AWS Lambda function versions, with a simple example of publishing a stable and latest version of the function.
https://nodogmablog.bryanhogan.net/2022/08/working-with-lambda-function-versions/

SPF (Sender Policy Frameworks) helps with fighting email spam, but how does it work? Or how is it meant to work and how is it actually implemented?
https://www.netmeister.org/blog/spf.html

Most teams try to minimise the number of formal incidents. But this post looks at the benefits of more lower severity incidents to a health incident management culture.
https://thenewstack.io/running-more-low-severity-incidents-is-improving-our-culture/

In a cloud native environment the overlap between infrastructure, architecture and code is an interesting one. This post looks at that overlap, with examples from AWS and CDK in particular.
https://build.diligent.com/infrastructure-is-architecture-with-cdk-3678073238d5

A nic demo showing how to use the sigstore policy (admission) controller to verify keyless sigstore signatures.
https://github.com/lukehinds/policy-controller-demo

Tools

An interactive debugger for Dockerfile, stepping through layer-by-layer, along with integration with popular IDEs.
https://github.com/ktock/buildg

GitGat is a handy tool for ensuring your GitHub organisation is set up securely, testing the things like key expiration, multi-factor authentication and commit signing and enforcing secure configuration using Open Policy Agent.
https://github.com/scribe-public/gitgat

Updated:

You May Also Enjoy

DEVOPS WEEKLY ISSUE #694 - 21st April 2024

less than 1 minute read

A theme of architecture this week, with posts on the development of large systems, infrastructure evolution at scale, internal developer toolchains and more.

DEVOPS WEEKLY ISSUE #693 - 14th April 2024

2 minute read

I’ve been crazy busy this week and travelling today, and with it being the start of a new quarter I thought a highlights issue, with some of the top posts fr...